From d3d6d2e3f1b44fc6f8673a34981d741377e5dd04 Mon Sep 17 00:00:00 2001
From: Philip Häusler <msquare@notrademark.de>
Date: Tue, 12 Jul 2011 16:03:07 +0200
Subject: #4 completed import with file-upload and fsock-open method

---
 db/db_rewrite.sql                 | 156 ++++++++++++++++----
 includes/pages/admin_import.php   | 295 ++++++++++++++------------------------
 includes/sys_menu.php             |   2 +-
 includes/sys_template.php         |   2 +-
 public/bootstrap.php              |   2 +-
 public/css/base.css               |  10 ++
 templates/admin_import_input.html |  31 +++-
 7 files changed, 271 insertions(+), 227 deletions(-)

diff --git a/db/db_rewrite.sql b/db/db_rewrite.sql
index 6b5d1648..d19e60a5 100644
--- a/db/db_rewrite.sql
+++ b/db/db_rewrite.sql
@@ -3,7 +3,7 @@
 -- http://www.phpmyadmin.net
 --
 -- Host: localhost
--- Erstellungszeit: 13. Juni 2011 um 17:08
+-- Erstellungszeit: 12. Juli 2011 um 14:02
 -- Server Version: 5.1.44
 -- PHP-Version: 5.3.1
 
@@ -32,7 +32,6 @@ CREATE TABLE IF NOT EXISTS `AngelTypes` (
 --
 
 INSERT INTO `AngelTypes` (`TID`, `Name`, `Man`) VALUES
-(1, 'Sex', ''),
 (4, 'Audio', ''),
 (5, 'Massage', '');
 
@@ -71,29 +70,29 @@ CREATE TABLE IF NOT EXISTS `Counter` (
 --
 
 INSERT INTO `Counter` (`URL`, `Anz`) VALUES
-('news', 223),
-('login', 70),
+('news', 231),
+('login', 77),
 ('logout', 20),
-('start', 49),
+('start', 52),
 ('faq', 34),
-('credits', 11),
-('register', 20),
-('admin_rooms', 90),
-('admin_angel_types', 72),
+('credits', 12),
+('register', 21),
+('admin_rooms', 95),
+('admin_angel_types', 81),
 ('user_settings', 148),
-('user_messages', 115),
+('user_messages', 123),
 ('admin_groups', 156),
 ('user_questions', 58),
 ('admin_questions', 45),
 ('admin_faq', 59),
-('admin_news', 33),
-('news_comments', 151),
-('admin_user', 206),
-('user_meetings', 9),
+('admin_news', 35),
+('news_comments', 154),
+('admin_user', 208),
+('user_meetings', 10),
 ('admin_language', 35),
 ('admin_log', 19),
 ('user_wakeup', 64),
-('admin_import', 39);
+('admin_import', 216);
 
 -- --------------------------------------------------------
 
@@ -209,15 +208,14 @@ CREATE TABLE IF NOT EXISTS `Messages` (
   KEY `Datum` (`Datum`),
   KEY `SUID` (`SUID`),
   KEY `RUID` (`RUID`)
-) ENGINE=MyISAM  DEFAULT CHARSET=utf8 COMMENT='Fuers interen Communikationssystem' AUTO_INCREMENT=8 ;
+) ENGINE=MyISAM  DEFAULT CHARSET=utf8 COMMENT='Fuers interen Communikationssystem' AUTO_INCREMENT=9 ;
 
 --
 -- Daten für Tabelle `Messages`
 --
 
 INSERT INTO `Messages` (`id`, `Datum`, `SUID`, `RUID`, `isRead`, `Text`) VALUES
-(2, 1307042342, 1, 147, 'Y', 'asdfasdfasdfasdf'),
-(4, 1307042622, 1, 147, 'Y', 'asdfasdfasdf'),
+(8, 1307985371, 1, 148, 'N', 'asdfasdfasdfasdfasdfasdfasdfasdf'),
 (7, 1307042692, 147, 1, 'Y', 'foobar');
 
 -- --------------------------------------------------------
@@ -347,15 +345,19 @@ CREATE TABLE IF NOT EXISTS `Room` (
   `FromPentabarf` char(1) NOT NULL DEFAULT 'N',
   `show` char(1) NOT NULL DEFAULT 'Y',
   `Number` int(11) DEFAULT NULL,
-  PRIMARY KEY (`RID`)
-) ENGINE=MyISAM  DEFAULT CHARSET=utf8 AUTO_INCREMENT=3 ;
+  PRIMARY KEY (`RID`),
+  UNIQUE KEY `Name` (`Name`)
+) ENGINE=MyISAM  DEFAULT CHARSET=utf8 AUTO_INCREMENT=10 ;
 
 --
 -- Daten für Tabelle `Room`
 --
 
 INSERT INTO `Room` (`RID`, `Name`, `Man`, `FromPentabarf`, `show`, `Number`) VALUES
-(2, 'Mein Zimmer', 'msquare', 'N', 'Y', 1337);
+(2, 'Mein Zimmer', 'msquare', 'N', 'Y', 1337),
+(3, 'Saal 1', NULL, 'Y', 'Y', NULL),
+(4, 'Saal 2', NULL, 'Y', 'Y', NULL),
+(5, 'Saal 3', NULL, 'Y', 'Y', NULL);
 
 -- --------------------------------------------------------
 
@@ -376,8 +378,6 @@ CREATE TABLE IF NOT EXISTS `RoomAngelTypes` (
 -- Daten für Tabelle `RoomAngelTypes`
 --
 
-INSERT INTO `RoomAngelTypes` (`id`, `room_id`, `angel_type_id`, `count`) VALUES
-(2, 1, 1, 3);
 
 -- --------------------------------------------------------
 
@@ -425,20 +425,116 @@ CREATE TABLE IF NOT EXISTS `ShiftFreeloader` (
 
 CREATE TABLE IF NOT EXISTS `Shifts` (
   `SID` int(11) NOT NULL AUTO_INCREMENT,
-  `DateS` datetime NOT NULL DEFAULT '0000-00-00 00:00:00',
-  `DateE` datetime NOT NULL DEFAULT '0000-00-00 00:00:00',
-  `Len` float NOT NULL DEFAULT '0',
+  `start` int(11) NOT NULL,
+  `end` int(11) NOT NULL,
   `RID` int(11) NOT NULL DEFAULT '0',
   `Man` text,
   `URL` text,
-  `PSID` text,
-  PRIMARY KEY (`SID`)
-) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=1 ;
+  `PSID` int(11) DEFAULT NULL,
+  PRIMARY KEY (`SID`),
+  UNIQUE KEY `PSID` (`PSID`)
+) ENGINE=MyISAM  DEFAULT CHARSET=utf8 AUTO_INCREMENT=99 ;
 
 --
 -- Daten für Tabelle `Shifts`
 --
 
+INSERT INTO `Shifts` (`SID`, `start`, `end`, `RID`, `Man`, `URL`, `PSID`) VALUES
+(1, 1293445800, 1293449400, 3, NULL, 'http://events.ccc.de/congress/2010/Fahrplan/events/4302.en.html', 4302),
+(2, 1293618600, 1293622200, 4, NULL, 'http://events.ccc.de/congress/2010/Fahrplan/events/4244.en.html', 4244),
+(3, 1293487200, 1293490800, 3, NULL, 'http://events.ccc.de/congress/2010/Fahrplan/events/4245.en.html', 4245),
+(4, 1293569100, 1293572700, 3, NULL, 'http://events.ccc.de/congress/2010/Fahrplan/events/4057.en.html', 4057),
+(5, 1293715800, 1293717600, 4, NULL, 'http://events.ccc.de/congress/2010/Fahrplan/events/4168.en.html', 4168),
+(6, 1293471000, 1293474600, 5, NULL, 'http://events.ccc.de/congress/2010/Fahrplan/events/4046.en.html', 4046),
+(7, 1293639300, 1293642900, 4, NULL, 'http://events.ccc.de/congress/2010/Fahrplan/events/4114.en.html', 4114),
+(8, 1293639300, 1293642900, 5, NULL, 'http://events.ccc.de/congress/2010/Fahrplan/events/4151.en.html', 4151),
+(9, 1293548400, 1293552000, 5, NULL, 'http://events.ccc.de/congress/2010/Fahrplan/events/4144.en.html', 4144),
+(10, 1293462000, 1293465600, 5, NULL, 'http://events.ccc.de/congress/2010/Fahrplan/events/4160.en.html', 4160),
+(11, 1293552900, 1293556500, 3, NULL, 'http://events.ccc.de/congress/2010/Fahrplan/events/4061.en.html', 4061),
+(12, 1293618600, 1293625800, 3, NULL, 'http://events.ccc.de/congress/2010/Fahrplan/events/4298.en.html', 4298),
+(13, 1293651000, 1293654600, 3, NULL, 'http://events.ccc.de/congress/2010/Fahrplan/events/4211.en.html', 4211),
+(14, 1293730200, 1293733800, 3, NULL, 'http://events.ccc.de/congress/2010/Fahrplan/events/4299.en.html', 4299),
+(15, 1293450300, 1293453900, 4, NULL, 'http://events.ccc.de/congress/2010/Fahrplan/events/4096.en.html', 4096),
+(16, 1293627600, 1293631200, 5, NULL, 'http://events.ccc.de/congress/2010/Fahrplan/events/4276.en.html', 4276),
+(17, 1293634800, 1293638400, 3, NULL, 'http://events.ccc.de/congress/2010/Fahrplan/events/4087.en.html', 4087),
+(18, 1293454800, 1293458400, 4, NULL, 'http://events.ccc.de/congress/2010/Fahrplan/events/4140.en.html', 4140),
+(19, 1293450300, 1293453900, 3, NULL, 'http://events.ccc.de/congress/2010/Fahrplan/events/4103.en.html', 4103),
+(20, 1293709500, 1293712200, 4, NULL, 'http://events.ccc.de/congress/2010/Fahrplan/events/4003.en.html', 4003),
+(21, 1293714000, 1293717600, 5, NULL, 'http://events.ccc.de/congress/2010/Fahrplan/events/4067.en.html', 4067),
+(22, 1293569100, 1293572700, 5, NULL, 'http://events.ccc.de/congress/2010/Fahrplan/events/4231.en.html', 4231),
+(23, 1293478200, 1293481800, 3, NULL, 'http://events.ccc.de/congress/2010/Fahrplan/events/4190.en.html', 4190),
+(24, 1293557400, 1293561000, 4, NULL, 'http://events.ccc.de/congress/2010/Fahrplan/events/4123.en.html', 4123),
+(25, 1293478200, 1293481800, 4, NULL, 'http://events.ccc.de/congress/2010/Fahrplan/events/4017.en.html', 4017),
+(26, 1293482700, 1293486300, 3, NULL, 'http://events.ccc.de/congress/2010/Fahrplan/events/4297.en.html', 4297),
+(27, 1293651000, 1293654600, 4, NULL, 'http://events.ccc.de/congress/2010/Fahrplan/events/4085.en.html', 4085),
+(28, 1293532200, 1293535800, 4, NULL, 'http://events.ccc.de/congress/2010/Fahrplan/events/4203.en.html', 4203),
+(29, 1293634800, 1293638400, 4, NULL, 'http://events.ccc.de/congress/2010/Fahrplan/events/4006.en.html', 4006),
+(30, 1293462000, 1293465600, 4, NULL, 'http://events.ccc.de/congress/2010/Fahrplan/events/4111.en.html', 4111),
+(31, 1293532200, 1293535800, 3, NULL, 'http://events.ccc.de/congress/2010/Fahrplan/events/4099.en.html', 4099),
+(32, 1293655500, 1293659100, 3, NULL, 'http://events.ccc.de/congress/2010/Fahrplan/events/4070.en.html', 4070),
+(33, 1293655500, 1293659100, 4, NULL, 'http://events.ccc.de/congress/2010/Fahrplan/events/4334.en.html', 4334),
+(34, 1293466500, 1293470100, 4, NULL, 'http://events.ccc.de/congress/2010/Fahrplan/events/4164.en.html', 4164),
+(35, 1293450300, 1293453900, 5, NULL, 'http://events.ccc.de/congress/2010/Fahrplan/events/4175.en.html', 4175),
+(36, 1293660000, 1293663600, 5, NULL, 'http://events.ccc.de/congress/2010/Fahrplan/events/4018.en.html', 4018),
+(37, 1293660000, 1293667200, 3, NULL, 'http://events.ccc.de/congress/2010/Fahrplan/events/4141.en.html', 4141),
+(38, 1293660000, 1293667200, 4, NULL, 'http://events.ccc.de/congress/2010/Fahrplan/events/4333.en.html', 4333),
+(39, 1293713100, 1293714900, 4, NULL, 'http://events.ccc.de/congress/2010/Fahrplan/events/3983.en.html', 3983),
+(40, 1293478200, 1293481800, 5, NULL, 'http://events.ccc.de/congress/2010/Fahrplan/events/4176.en.html', 4176),
+(41, 1293471000, 1293474600, 4, NULL, 'http://events.ccc.de/congress/2010/Fahrplan/events/4265.en.html', 4265),
+(42, 1293725700, 1293729300, 5, NULL, 'http://events.ccc.de/congress/2010/Fahrplan/events/4193.en.html', 4193),
+(43, 1293564600, 1293568200, 3, NULL, 'http://events.ccc.de/congress/2010/Fahrplan/events/4295.en.html', 4295),
+(44, 1293721200, 1293724800, 3, NULL, 'http://events.ccc.de/congress/2010/Fahrplan/events/4301.en.html', 4301),
+(45, 1293709500, 1293713100, 3, NULL, 'http://events.ccc.de/congress/2010/Fahrplan/events/4089.en.html', 4089),
+(46, 1293541200, 1293544800, 5, NULL, 'http://events.ccc.de/congress/2010/Fahrplan/events/4149.en.html', 4149),
+(47, 1293626700, 1293628500, 4, NULL, 'http://events.ccc.de/congress/2010/Fahrplan/events/4084.en.html', 4084),
+(48, 1293639300, 1293642900, 3, NULL, 'http://events.ccc.de/congress/2010/Fahrplan/events/4206.en.html', 4206),
+(49, 1293643800, 1293647400, 4, NULL, 'http://events.ccc.de/congress/2010/Fahrplan/events/4237.en.html', 4237),
+(50, 1293721200, 1293724800, 4, NULL, 'http://events.ccc.de/congress/2010/Fahrplan/events/4236.en.html', 4236),
+(51, 1293548400, 1293552000, 4, NULL, 'http://events.ccc.de/congress/2010/Fahrplan/events/4121.en.html', 4121),
+(52, 1293454800, 1293458400, 5, NULL, 'http://events.ccc.de/congress/2010/Fahrplan/events/4011.en.html', 4011),
+(53, 1293536700, 1293540300, 5, NULL, 'http://events.ccc.de/congress/2010/Fahrplan/events/4296.en.html', 4296),
+(54, 1293618600, 1293626700, 5, NULL, 'http://events.ccc.de/congress/2010/Fahrplan/events/4239.en.html', 4239),
+(55, 1293705000, 1293713100, 5, NULL, 'http://events.ccc.de/congress/2010/Fahrplan/events/4300.en.html', 4300),
+(56, 1293552900, 1293556500, 4, NULL, 'http://events.ccc.de/congress/2010/Fahrplan/events/4195.en.html', 4195),
+(57, 1293543000, 1293544800, 4, NULL, 'http://events.ccc.de/congress/2010/Fahrplan/events/4073.en.html', 4073),
+(58, 1293537600, 1293539400, 4, NULL, 'http://events.ccc.de/congress/2010/Fahrplan/events/4210.en.html', 4210),
+(59, 1293552900, 1293556500, 5, NULL, 'http://events.ccc.de/congress/2010/Fahrplan/events/4081.en.html', 4081),
+(60, 1293471000, 1293476400, 3, NULL, 'http://events.ccc.de/congress/2010/Fahrplan/events/4094.en.html', 4094),
+(61, 1293725700, 1293729300, 4, NULL, 'http://events.ccc.de/congress/2010/Fahrplan/events/4261.en.html', 4261),
+(62, 1293540300, 1293542100, 4, NULL, 'http://events.ccc.de/congress/2010/Fahrplan/events/4142.en.html', 4142),
+(63, 1293705000, 1293708600, 3, NULL, 'http://events.ccc.de/congress/2010/Fahrplan/events/4221.en.html', 4221),
+(64, 1293721200, 1293724800, 5, NULL, 'http://events.ccc.de/congress/2010/Fahrplan/events/4339.en.html', 4339),
+(65, 1293548400, 1293552000, 3, NULL, 'http://events.ccc.de/congress/2010/Fahrplan/events/4143.en.html', 4143),
+(66, 1293491700, 1293495300, 3, NULL, 'http://events.ccc.de/congress/2010/Fahrplan/events/4253.en.html', 4253),
+(67, 1293627600, 1293631200, 3, NULL, 'http://events.ccc.de/congress/2010/Fahrplan/events/4326.en.html', 4326),
+(68, 1293482700, 1293486300, 4, NULL, 'http://events.ccc.de/congress/2010/Fahrplan/events/3957.en.html', 3957),
+(69, 1293651000, 1293654600, 5, NULL, 'http://events.ccc.de/congress/2010/Fahrplan/events/4036.en.html', 4036),
+(70, 1293536700, 1293540300, 3, NULL, 'http://events.ccc.de/congress/2010/Fahrplan/events/4159.en.html', 4159),
+(71, 1293487200, 1293490800, 5, NULL, 'http://events.ccc.de/congress/2010/Fahrplan/events/4082.en.html', 4082),
+(72, 1293643800, 1293647400, 3, NULL, 'http://events.ccc.de/congress/2010/Fahrplan/events/3952.en.html', 3952),
+(73, 1293634800, 1293638400, 5, NULL, 'http://events.ccc.de/congress/2010/Fahrplan/events/4183.en.html', 4183),
+(74, 1293573600, 1293577200, 4, NULL, 'http://events.ccc.de/congress/2010/Fahrplan/events/4138.en.html', 4138),
+(75, 1293725700, 1293729300, 3, NULL, 'http://events.ccc.de/congress/2010/Fahrplan/events/4230.en.html', 4230),
+(76, 1293629400, 1293631200, 4, NULL, 'http://events.ccc.de/congress/2010/Fahrplan/events/4181.en.html', 4181),
+(77, 1293466500, 1293470100, 3, NULL, 'http://events.ccc.de/congress/2010/Fahrplan/events/4060.en.html', 4060),
+(78, 1293487200, 1293490800, 4, NULL, 'http://events.ccc.de/congress/2010/Fahrplan/events/4125.en.html', 4125),
+(79, 1293564600, 1293568200, 5, NULL, 'http://events.ccc.de/congress/2010/Fahrplan/events/4145.en.html', 4145),
+(80, 1293578100, 1293581700, 3, NULL, 'http://events.ccc.de/congress/2010/Fahrplan/events/4184.en.html', 4184),
+(81, 1293557400, 1293561000, 5, NULL, 'http://events.ccc.de/congress/2010/Fahrplan/events/4097.en.html', 4097),
+(82, 1293622200, 1293625800, 4, NULL, 'http://events.ccc.de/congress/2010/Fahrplan/events/4055.en.html', 4055),
+(83, 1293564600, 1293568200, 4, NULL, 'http://events.ccc.de/congress/2010/Fahrplan/events/4090.en.html', 4090),
+(84, 1293557400, 1293561000, 3, NULL, 'http://events.ccc.de/congress/2010/Fahrplan/events/4201.en.html', 4201),
+(85, 1293573600, 1293577200, 5, NULL, 'http://events.ccc.de/congress/2010/Fahrplan/events/4174.en.html', 4174),
+(86, 1293573600, 1293577200, 3, NULL, 'http://events.ccc.de/congress/2010/Fahrplan/events/4263.en.html', 4263),
+(87, 1293714000, 1293717600, 3, NULL, 'http://events.ccc.de/congress/2010/Fahrplan/events/4124.en.html', 4124),
+(88, 1293705000, 1293708600, 4, NULL, 'http://events.ccc.de/congress/2010/Fahrplan/events/4098.en.html', 4098),
+(89, 1293466500, 1293470100, 5, NULL, 'http://events.ccc.de/congress/2010/Fahrplan/events/4234.en.html', 4234),
+(90, 1293454800, 1293458400, 3, NULL, 'http://events.ccc.de/congress/2010/Fahrplan/events/4252.en.html', 4252),
+(91, 1293462000, 1293465600, 3, NULL, 'http://events.ccc.de/congress/2010/Fahrplan/events/4185.en.html', 4185),
+(92, 1293541200, 1293544800, 3, NULL, 'http://events.ccc.de/congress/2010/Fahrplan/events/4208.en.html', 4208),
+(93, 1293532200, 1293535800, 5, NULL, 'http://events.ccc.de/congress/2010/Fahrplan/events/4338.en.html', 4338),
+(94, 1293643800, 1293647400, 5, NULL, 'http://events.ccc.de/congress/2010/Fahrplan/events/4187.en.html', 4187),
+(95, 1293655500, 1293659100, 5, NULL, 'http://events.ccc.de/congress/2010/Fahrplan/events/4209.en.html', 4209);
 
 -- --------------------------------------------------------
 
@@ -1106,7 +1202,7 @@ CREATE TABLE IF NOT EXISTS `User` (
 --
 
 INSERT INTO `User` (`UID`, `Nick`, `Name`, `Vorname`, `Alter`, `Telefon`, `DECT`, `Handy`, `email`, `ICQ`, `jabber`, `Size`, `Passwort`, `Gekommen`, `Aktiv`, `Tshirt`, `color`, `Sprache`, `Avatar`, `Menu`, `lastLogIn`, `CreateDate`, `Art`, `kommentar`, `Hometown`) VALUES
-(1, 'admin', 'Gates', 'Bill', 42, '', '', '', '', '', '', '', '21232f297a57a5a743894a0e4a801fc3', 1, 1, 0, 10, 'DE', 115, 'L', 1307984924, '0000-00-00 00:00:00', '', '', ''),
+(1, 'admin', 'Gates', 'Bill', 42, '', '', '', '', '', '', '', '21232f297a57a5a743894a0e4a801fc3', 1, 1, 0, 10, 'DE', 115, 'L', 1310479337, '0000-00-00 00:00:00', '', '', ''),
 (148, 'msquare', '', '', 23, '', '', '', 'msquare@notrademark.de', '', '', '', '4297f44b13955235245b2497399d7a93', 0, 1, 1, 10, 'DE', 0, 'L', 1307110798, '2011-06-03 07:55:24', 'AudioEngel', '', '');
 
 -- --------------------------------------------------------
diff --git a/includes/pages/admin_import.php b/includes/pages/admin_import.php
index ef75dc8a..a789dd3d 100644
--- a/includes/pages/admin_import.php
+++ b/includes/pages/admin_import.php
@@ -1,6 +1,8 @@
 <?php
 function admin_import() {
+	global $PentabarfXMLhost, $PentabarfXMLpath;
 	global $rooms_import;
+	global $user;
 	$html = "";
 
 	$step = "input";
@@ -15,19 +17,101 @@ function admin_import() {
 	$html .= $step == "import" ? '<b>3. Import</b>' : '3. Import';
 	$html .= '</p>';
 
+	$import_file = '../import/import_' . $user['UID'] . '.xml';
+
 	switch ($step) {
 		case "input" :
 			$ok = false;
-			if (!$ok) {
+			if ($test_handle = fopen('../import/tmp', 'w')) {
+				fclose($test_handle);
+				unlink('../import/tmp');
+			} else {
+				$msg = error("Webserver has no write-permission on import directory.");
+			}
+
+			if (isset ($_REQUEST['submit'])) {
+				$ok = true;
+				if (isset ($_REQUEST['user']) && $_REQUEST['user'] != "" && isset ($_REQUEST['password']) && $_REQUEST['password'] != "") {
+					$fp = fsockopen("ssl://$PentabarfXMLhost", 443, $errno, $errstr, 5);
+
+					if (!$fp) {
+						$ok = false;
+						$msg = error("File 'https://$PentabarfXMLhost/$PentabarfXMLpath" . $_REQUEST["url"] . "' not readable!" . "[$errstr ($errno)]");
+					} else {
+						$fileOut = fopen($import_file, "w");
+						$head = 'GET /' . $PentabarfXMLpath . $_REQUEST["url"] . ' HTTP/1.1' . "\r\n" .
+						'Host: ' . $PentabarfXMLhost . "\r\n" .
+						'User-Agent: Engelsystem' . "\r\n" .
+						'Authorization: Basic ' .
+						base64_encode($_REQUEST["user"] . ':' . $_REQUEST["password"]) . "\r\n" .
+						"\r\n";
+						fputs($fp, $head);
+						$Zeilen = -1;
+						while (!feof($fp)) {
+							$Temp = fgets($fp, 1024);
+
+							// ende des headers
+							if ($Temp == "f20\r\n") {
+								$Zeilen = 0;
+								$Temp = "";
+							}
+
+							//file ende?
+							if ($Temp == "0\r\n")
+								break;
+
+							if (($Zeilen > -1) && ($Temp != "ffb\r\n")) {
+								//steuerzeichen ausfiltern
+								if (strpos("#$Temp", "\r\n") > 0)
+									$Temp = substr($Temp, 0, strlen($Temp) - 2);
+								if (strpos("#$Temp", "1005") > 0)
+									$Temp = "";
+								if (strpos("#$Temp", "783") > 0)
+									$Temp = "";
+								//schreiben in file
+								fputs($fileOut, $Temp);
+								$Zeilen++;
+							}
+						}
+						fclose($fileOut);
+						fclose($fp);
+						$msg .= success("Es wurden $Zeilen Zeilen eingelesen.");
+					}
+				}
+				elseif (isset ($_FILES['xcal_file']) && ($_FILES['xcal_file']['error'] == 0)) {
+					if (move_uploaded_file($_FILES['xcal_file']['tmp_name'], $import_file)) {
+						libxml_use_internal_errors(true);
+						if (simplexml_load_file($import_file) === false) {
+							$ok = false;
+							$msg = error("No valid xml/xcal file provided.");
+							unlink($import_file);
+						}
+					} else {
+						$ok = false;
+						$msg = error("File upload went wrong.");
+					}
+				} else {
+					$ok = false;
+					$msg = error("Please provide some data.");
+				}
+			}
+
+			if ($ok)
+				header("Location: " . page_link_to('admin_import') . "&step=check");
+			else
 				$html .= template_render('../templates/admin_import_input.html', array (
-					'link' => page_link_to('admin_import')
+					'link' => page_link_to('admin_import'),
+					'msg' => $msg,
+					'url' => "https://$PentabarfXMLhost/$PentabarfXMLpath"
 				));
-				break;
-			}
+			break;
 
 		case "check" :
-			list ($rooms_new, $rooms_deleted) = prepare_rooms();
-			list ($events_new, $events_updated, $events_deleted) = prepare_events();
+			if (!file_exists($import_file))
+				header("Location: " . page_link_to('admin_import'));
+
+			list ($rooms_new, $rooms_deleted) = prepare_rooms($import_file);
+			list ($events_new, $events_updated, $events_deleted) = prepare_events($import_file);
 
 			$html .= template_render('../templates/admin_import_check.html', array (
 				'link' => page_link_to('admin_import'),
@@ -40,7 +124,10 @@ function admin_import() {
 			break;
 
 		case "import" :
-			list ($rooms_new, $rooms_deleted) = prepare_rooms();
+			if (!file_exists($import_file))
+				header("Location: " . page_link_to('admin_import'));
+
+			list ($rooms_new, $rooms_deleted) = prepare_rooms($import_file);
 			foreach ($rooms_new as $room) {
 				sql_query("INSERT INTO `Room` SET `Name`='" . sql_escape($room) . "', `FromPentabarf`='Y', `Show`='Y'");
 				$rooms_import[trim($room)] = sql_id();
@@ -48,7 +135,7 @@ function admin_import() {
 			foreach ($rooms_deleted as $room)
 				sql_query("DELETE FROM `Room` WHERE `Name`='" . sql_escape($room) . "' LIMIT 1");
 
-			list ($events_new, $events_updated, $events_deleted) = prepare_events();
+			list ($events_new, $events_updated, $events_deleted) = prepare_events($import_file);
 			foreach ($events_new as $event)
 				sql_query("INSERT INTO `Shifts` SET `start`=" . sql_escape($event['start']) . ", `end`=" . sql_escape($event['end']) . ", `RID`=" . sql_escape($event['RID']) . ", `PSID`=" . sql_escape($event['PSID']) . ", `URL`='" . sql_escape($event['URL']) . "'");
 
@@ -59,191 +146,18 @@ function admin_import() {
 				sql_query("DELETE FROM `Shifts` WHERE `PSID`=" .
 				sql_escape($event['PSID']) . " LIMIT 1");
 
+			unlink($import_file);
+
 			$html .= template_render('../templates/admin_import_import.html', array ());
 			break;
 	}
 
 	return $html;
-
-	##############################################################################################
-	global $Room, $RoomID, $RoomName;
-	global $PentabarfGetWith, $PentabarfXMLpath, $PentabarfXMLhost;
-
-	require_once ("includes/funktion_xml.php");
-	///////////
-	// DEBUG //
-	///////////
-	$ShowDataStrukture = 0;
-	$EnableRoomFunctions = 1;
-	$EnableRooms = 1;
-	$EnableSchudleFunctions = 1;
-	$EnableSchudle = 1;
-	$EnableSchudleDB = 1;
-
-	$html = "";
-
-	/*##############################################################################################
-	                   F I L E
-	  ##############################################################################################*/
-	$html .= "\n\n<br />\n<h1>XML File:</h1>\n";
-	if (isset ($_POST["PentabarfUser"]) && isset ($_POST["password"]) && isset ($_POST["PentabarfURL"])) {
-		$html .= "Update XCAL-File from Pentabarf..";
-		if ($PentabarfGetWith == "fsockopen") {
-
-			//backup error messeges and delate
-			$Backuperror_messages = $error_messages;
-			$fp = fsockopen("ssl://$PentabarfXMLhost", 443, $errno, $errstr, 30);
-			//  $error_messages = $Backuperror_messages;
-
-			if (!$fp) {
-				$html .= "<h2>fail: File 'https://$PentabarfXMLhost/$PentabarfXMLpath" . $_POST["PentabarfURL"] . "' not readable!" .
-				"[$errstr ($errno)]</h2>";
-			} else {
-				if (($fileOut = fopen("$Tempdir/engelXML", "w")) != FALSE) {
-					$head = 'GET /' . $PentabarfXMLpath . $_POST["PentabarfURL"] . ' HTTP/1.1' . "\r\n" .
-					'Host: ' . $PentabarfXMLhost . "\r\n" .
-					'User-Agent: Engelsystem' . "\r\n" .
-					'Authorization: Basic ' .
-					base64_encode($_POST["PentabarfUser"] . ':' . $_POST["password"]) . "\r\n" .
-					"\r\n";
-					fputs($fp, $head);
-					$Zeilen = -1;
-					while (!feof($fp)) {
-						$Temp = fgets($fp, 1024);
-
-						// ende des headers
-						if ($Temp == "f20\r\n") {
-							$Zeilen = 0;
-							$Temp = "";
-						}
-
-						//file ende?
-						if ($Temp == "0\r\n")
-							break;
-
-						if (($Zeilen > -1) && ($Temp != "ffb\r\n")) {
-							//steuerzeichen ausfiltern
-							if (strpos("#$Temp", "\r\n") > 0)
-								$Temp = substr($Temp, 0, strlen($Temp) - 2);
-							if (strpos("#$Temp", "1005") > 0)
-								$Temp = "";
-							if (strpos("#$Temp", "783") > 0)
-								$Temp = "";
-							//schreiben in file
-							fputs($fileOut, $Temp);
-							$Zeilen++;
-						}
-					}
-					fclose($fileOut);
-
-					$html .= "<br />Es wurden $Zeilen Zeilen eingelesen<br />";
-				} else
-					$html .= "<h2>fail: File '$Tempdir/engelXML' not writeable!</h2>";
-				fclose($fp);
-			}
-		}
-		elseif ($PentabarfGetWith == "fopen") {
-			//user uns password in url einbauen
-			$FileNameIn = "https://" . $_POST["PentabarfUser"] . ':' . $_POST["password"] . "@" .
-			$PentabarfXMLhost . "/" . $PentabarfXMLpath . $_POST["PentabarfURL"];
-
-			if (($fileIn = fopen($FileNameIn, "r")) != FALSE) {
-				if (($fileOut = fopen("$Tempdir/engelXML", "w")) != FALSE) {
-					$Zeilen = 0;
-					while (!feof($fileIn)) {
-						$Zeilen++;
-						fputs($fileOut, fgets($fileIn));
-					}
-					fclose($fileOut);
-					$html .= "<br />Es wurden $Zeilen Zeilen eingelesen<br />";
-				} else
-					$html .= "<h2>fail: File '$Tempdir/engelXML' not writeable!</h2>";
-				fclose($fileIn);
-			} else
-				$html .= "<h2>fail: File 'https://$PentabarfXMLhost/$PentabarfXMLpath" . $_POST["PentabarfURL"] . "' not readable!</h2>";
-		}
-		elseif ($PentabarfGetWith == "wget") {
-			$Command = "wget --http-user=" . $_POST["PentabarfUser"] . " --http-passwd=" . $_POST["password"] . " " .
-			"https://$PentabarfXMLhost/$PentabarfXMLpath" . $_POST["PentabarfURL"] .
-			" --output-file=$Tempdir/engelXMLwgetLog --output-document=$Tempdir/engelXML" .
-			" --no-check-certificate";
-			$html .= system($Command, $Status);
-			if ($Status == 0)
-				$html .= "OK.<br />";
-			else
-				$html .= "fail ($Status)($Command).<br />";
-		}
-		elseif ($PentabarfGetWith == "lynx") {
-			$Command = "lynx -auth=" . $_POST["PentabarfUser"] . ":" . $_POST["password"] . " -dump " .
-			"https://$PentabarfXMLhost/$PentabarfXMLpath" . $_POST["PentabarfURL"] . " > $Tempdir/engelXML";
-			$html .= system($Command, $Status);
-			if ($Status == 0)
-				$html .= "OK.<br />";
-			else
-				$html .= "fail ($Status)($Command).<br />";
-		}
-		elseif ($PentabarfGetWith == "fopen") {
-			//user uns password in url einbauen
-			$FileNameIn = "https://" . $_POST["PentabarfUser"] . ':' . $_POST["password"] . "@" .
-			$PentabarfXMLhost . "/" . $PentabarfXMLpath . $_POST["PentabarfURL"];
-
-			if (($fileIn = fopen($FileNameIn, "r")) != FALSE) {
-				if (($fileOut = fopen("$Tempdir/engelXML", "w")) != FALSE) {
-					$Zeilen = 0;
-					while (!feof($fileIn)) {
-						$Zeilen++;
-						fputs($fileOut, fgets($fileIn));
-					}
-					fclose($fileOut);
-					$html .= "<br />Es wurden $Zeilen Zeilen eingelesen<br />";
-				} else
-					$html .= "<h2>fail: File '$Tempdir/engelXML' not writeable!</h2>";
-				fclose($fileIn);
-			} else
-				$html .= "<h2>fail: File 'https://$PentabarfXMLhost/$PentabarfXMLpath" . $_POST["PentabarfURL"] . "' not readable!</h2>";
-		}
-		elseif ($PentabarfGetWith == "wget") {
-			$Command = "wget --http-user=" . $_POST["PentabarfUser"] . " --http-passwd=" . $_POST["password"] . " " .
-			"https://$PentabarfXMLhost/$PentabarfXMLpath" . $_POST["PentabarfURL"] .
-			" --output-file=$Tempdir/engelXMLwgetLog --output-document=$Tempdir/engelXML" .
-			" --no-check-certificate";
-			$html .= system($Command, $Status);
-			if ($Status == 0)
-				$html .= "OK.<br />";
-			else
-				$html .= "fail ($Status)($Command).<br />";
-		}
-		elseif ($PentabarfGetWith == "lynx") {
-			$Command = "lynx -auth=" . $_POST["PentabarfUser"] . ":" . $_POST["password"] . " -dump " .
-			"https://$PentabarfXMLhost/$PentabarfXMLpath" . $_POST["PentabarfURL"] . " > $Tempdir/engelXML";
-			$html .= system($Command, $Status);
-			if ($Status == 0)
-				$html .= "OK.<br />";
-			else
-				$html .= "fail ($Status)($Command).<br />";
-		} else
-			$html .= "<h1>The PentabarfGetWith='$PentabarfGetWith' not supported</h1>";
-	} else {
-		$html .= "<form action=\"dbUpdateFromXLS.php\" method=\"post\">\n";
-		$html .= "<table border=\"0\">\n";
-		$html .= "\t<tr><td>XCAL-File: https://$PentabarfXMLhost/$PentabarfXMLpath</td>" .
-		"<td><input name=\"PentabarfURL\" type=\"text\" size=\"4\" maxlength=\"5\" " .
-		"value=\"$PentabarfXMLEventID\"></td></tr>\n";
-		$html .= "\t<tr><td>Username:</td>" .
-		"<td><input name=\"PentabarfUser\" type=\"text\" size=\"30\" maxlength=\"30\"></td></tr>\n";
-		$html .= "\t<tr><td>Password:</td>" .
-		"<td><input name=\"password\" type=\"password\" size=\"30\" maxlength=\"30\"></td></tr>\n";
-		$html .= "\t<tr><td></td><td><input type=\"submit\" name=\"FileUpload\" value=\"upload\"></td></tr>\n";
-		$html .= "</table>\n";
-		$html .= "</form>\n";
-	}
-
-	return $html;
 }
 
-function prepare_rooms() {
+function prepare_rooms($file) {
 	global $rooms_import;
-	$data = read_xml();
+	$data = read_xml($file);
 
 	// Load rooms from db for compare with input
 	$rooms = sql_select("SELECT * FROM `Room` WHERE `FromPentabarf`='Y'");
@@ -272,9 +186,9 @@ function prepare_rooms() {
 	);
 }
 
-function prepare_events() {
+function prepare_events($file) {
 	global $rooms_import;
-	$data = read_xml();
+	$data = read_xml($file);
 
 	$rooms = sql_select("SELECT * FROM `Room`");
 	$rooms_db = array ();
@@ -312,7 +226,7 @@ function prepare_events() {
 				$shifts_updated[] = $shift;
 		}
 
-	$shifts_deleted = array();
+	$shifts_deleted = array ();
 	foreach ($shifts_db as $shift)
 		if (!isset ($shifts_pb[$shift['PSID']]))
 			$shifts_deleted[] = $shift;
@@ -324,10 +238,10 @@ function prepare_events() {
 	);
 }
 
-function read_xml() {
+function read_xml($file) {
 	global $xml_import;
 	if (!isset ($xml_import))
-		$xml_import = new SimpleXMLElement(file_get_contents('../import/27C3_sample.xcs'));
+		$xml_import = simplexml_load_file($file);
 	return $xml_import;
 }
 
@@ -352,4 +266,3 @@ function shift_sort($a, $b) {
 	return ($a['start'] < $b['start']) ? -1 : 1;
 }
 ?>
-
diff --git a/includes/sys_menu.php b/includes/sys_menu.php
index dfe33216..1836c17b 100644
--- a/includes/sys_menu.php
+++ b/includes/sys_menu.php
@@ -118,4 +118,4 @@ function make_langselect() {
 	$html .= '<a class="sprache" href="' . $URL . 'EN"><img src="pic/flag/en.png" alt="EN" title="English"></a></p>';
 	return '<nav class="container"><h4>' . Get_Text("Sprache") . '</h4>' . $html . '</nav>';
 }
-?>
\ No newline at end of file
+?>
diff --git a/includes/sys_template.php b/includes/sys_template.php
index f409dada..06d5ef72 100644
--- a/includes/sys_template.php
+++ b/includes/sys_template.php
@@ -48,4 +48,4 @@ function html_select_key($name, $rows, $selected) {
 	$html .= '</select>';
 	return $html;
 }
-?>
\ No newline at end of file
+?>
diff --git a/public/bootstrap.php b/public/bootstrap.php
index 40a32578..1bc47923 100644
--- a/public/bootstrap.php
+++ b/public/bootstrap.php
@@ -7,4 +7,4 @@ $includePath = ini_get('include_path');
 $includePath .= PATH_SEPARATOR . ROOTPATH . DIRECTORY_SEPARATOR . '..';
 
 ini_set('include_path', $includePath);
-?>
\ No newline at end of file
+?>
diff --git a/public/css/base.css b/public/css/base.css
index 59660b58..40522961 100644
--- a/public/css/base.css
+++ b/public/css/base.css
@@ -111,6 +111,16 @@ fieldset table {
 	margin: 4px;
 }
 
+fieldset p {
+	margin: 4px;
+}
+
+fieldset p label {
+	display: block;
+	float: left;
+	width: 200px;
+}
+
 th {
     background: #f0f0f0;
 }
diff --git a/templates/admin_import_input.html b/templates/admin_import_input.html
index 89454f8c..ac11c766 100644
--- a/templates/admin_import_input.html
+++ b/templates/admin_import_input.html
@@ -1,8 +1,33 @@
-<form action="%link%&step=check" method="post">
+<form action="%link%" method="post" enctype="multipart/form-data">
     <fieldset>
+        %msg%
         <p>
-            While developing we use a fixed file input. Just hit submit.
+            For Pentabarf import provide user/password and url-completion.
+        </p>
+		<p><label>Location:</label> %url%<input type="text" name="url" /></p>
+        <p>
+            <label>
+                User:
+            </label>
+            <input type="text" name="user" value="" />
+        </p>
+        <p>
+            <label>
+                Password:
+            </label>
+            <input type="password" name="password" />
+        </p>
+        <p>
+            Or provide a Xcal-file from pentabarf manually:
+        </p>
+        <p>
+            <label>
+                Xcal-file:
+            </label>
+            <input type="file" name="xcal_file" />
+        </p>
+        <p>
+            <input type="submit" name="submit" value="Submit" />
         </p>
-        <input type="submit" name="submit" value="Submit" />
     </fieldset>
 </form>
\ No newline at end of file
-- 
cgit v1.2.3-54-g00ecf